General Data Protection Regulation

The new general Data Protection Regulation shall enter into force on May 25, 2018, throughout Europe. It entails stronger consumer rights, new liability obligations and restrictions on international data flows. In the event of non-compliance, organizations in breach of GDPR can be fined up to 4% of annual global turnover or € 20 Million.

The Data Protection Regulation (GDPR) implies significant changes, compared to the Austrian Data Protection Act (DSG2000). The GDPR regulates the collection, storage, processing and disclosure of personal data (of natural persons), where the legality of such processing is the sole responsibility of the Executive Board, the Managing Director, the Board of Directors or the individual entrepreneurs.

Status quo
Whereas reporting to the Data Processing Register sufficed to meet the legal requirements, the obligation of such reporting will be waived; however, the organization must ensure detailed documentation about the different data applications. With this "Record of processing activities", you always have to provide up-to-date information on the data you are collecting, from whom and when, where and in which form they are processed, who has access to it, which data are disclosed to whom, and many more.

In the framework of the Artus GDPR Readiness Assessment, we use a 360-degree analysis to check whether and to what extent your company meets the requirements of the new GDPR. Based on these results we elaborate solutions together with your team to ensure compliance and assist you with implementation using suitable measures.

Legal/IT Interface
With the new regulation, numerous information requirements must be observed with data collection and processing. Every person concerned, whether customer, employee or supplier, must be given full information on the data stored about them, within one month. Persons concerned have the right to rectification, erasure, restriction of the processing and the right to object to data transfer to a third party receiver.

Compliance with the GDPR specifications requires the development of practice-oriented and individual processing processes, which we define together with your employees. In addition to the organizational and data protection law-relevant criteria, our experts also develop the measures necessary to comply with the technical requirements.

Our services in brief

Sub navigation:

Personal Consulting

Our team is looking forward
to your request

Ferdinand  Pongracz

Mag. Ferdinand Pongracz

Chief Information Officer

T: +43-1-5137900

Contact us now

Independent Member of BKR International

Contact | Imprint| Privacy Policy

Follow us on: Facebook LinkedIn Xing Twitter

to top
This website uses Cookies that are necessary for full use of the website.
Detailed information about the use of Cookies on this website can be found in our data privacy policy.
There, the use of Cookies can also be declined.